Governance & Risk Management , Remote Workforce

Work-at-Home: The Impact on Security

Survey Sizes Up Increased Risks, New Duties for Security Staff
Work-at-Home: The Impact on Security
Some security pros say cybersecurity incidents have increased since the shift to working at home.

The shift to working at home is opening the door to cybersecurity incidents. Some 23% of respondents to a small survey conducted by the training organization International Information System Security Certification Consortium - also known as (ISC)2 - say their organization has experienced an increase in cybersecurity incidents since transitioning to remote work.

See Also: A Guide to Passwordless Anywhere

"COVID-19 hit us with all the necessary ingredients to fuel cybercrime: 100% work from home before most organizations were really ready; chaos caused by technical issues plaguing workers not used to [work from home] … temptation to visit unverified websites in search of up-to-the-minute information; and remote-workforce technology supported by vendors driven by 'new feature time to market' and NOT security," one respondent to the (ISC)2 study notes.

Shifting Priorities

The (ISC)2 survey, based on responses from 256 cybersecurity professionals worldwide, is intended to offer a snapshot of how priorities have changed over the last two months.

Almost half of the security pros surveyed report that they have been shifted away from security duties and reassigned to IT duties over the last two months.

Of those that have been reassigned to IT duties, about 30% report that their organizations have seen an increase in security incidents over the last several weeks.

Organizations are asking their security teams to be creative in order to keep the workforce secure during this time, which means additional opportunities for the security team, the (ISC)2 report states.

"Security professionals are suddenly looked at as creative problem solvers and risk reducers in ways management never intended," Erik von Geldern, the CISO of FXCM, a British-based trading firm, said about the (ISC)2 survey results.

Fraudsters Adapt to Conditions

Security firm Kaspersky reported this week that attackers are taking advantage of the remote workforce to target devices using remote desktop protocol connections to gain access to corporate networks (see: RDP Brute-Force Attacks Rise During COVID-19 Crisis: Report).

And U.S. and U.K. law enforcement and government cybersecurity experts have warned that cybercrime groups and nation-state hacking gangs will continue to exploit the COVID-19 pandemic to further their own aims (see: UK and US Security Agencies Sound COVID-19 Threat Alert).

About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.